US11132460B2ActiveUtilityA1

Apparatus and method for controlling access to user information

90
Assignee: MOAC BLOCKCHAIN TECH INCPriority: Jun 7, 2019Filed: Jun 7, 2019Granted: Sep 28, 2021
Est. expiryJun 7, 2039(~12.9 yrs left)· nominal 20-yr term from priority
Inventors:Xiaohu Chen
H04L 9/50G06F 16/9024H04L 9/0643G06F 21/44H04L 63/0442H04L 63/108G06F 21/629G06F 21/6227H04L 63/101G06F 21/64G06F 16/1824H04L 63/123H04L 9/3239G06F 21/6245H04L 9/30H04L 2209/38
90
PatentIndex Score
9
Cited by
18
References
18
Claims

Abstract

An apparatus and method control access to user information by generating a record of user information that includes the user information and appending the record of user information to a blockchain. A hash is assigned to the user information and the record of user information is encrypted prior to appending the record of user information to the blockchain. A record of authorization is received and appended to the blockchain. The record of authorization includes the user information, an identification of a third-party application authorized to read the record of authorization, and an access expiration parameter that places a restriction or limitation on access to the user information.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method of controlling access to user information, the method comprising:
 generating a record of user information that includes the user information; appending the record of user information to a blockchain; 
 receiving a record of authorization that includes the user information, an identification of a third-party application authorized to read the record of authorization, and an access expiration parameter that places a restriction on access to the user information; and 
 appending the record of authorization to the blockchain, wherein the record of authorization comprises:
 an identification portion that includes the identification of the third-party application and a hash corresponding to the user information; and 
 a message portion that includes the user information, a public key of the third-party application, and the access expiration parameter. 
 
 
     
     
       2. The method of  claim 1 , wherein generating a record of user information comprises:
 receiving one or more inputs corresponding to the user information; and 
 assigning a hash to the user information. 
 
     
     
       3. The method of  claim 1 , further comprising encrypting the record of user information prior to appending the record of user information to the blockchain. 
     
     
       4. The method of  claim 1 , further comprising:
 receiving a record of endorsement of the record of user information; and 
 appending the record of endorsement to the blockchain. 
 
     
     
       5. The method of  claim 4 , wherein the record of endorsement confirms the veracity of the user information and includes information comprising a signature of verification, a verification expiration parameter that denotes when the verification expires, and a hash assigned to the user information. 
     
     
       6. The method of  claim 1 , wherein the message portion of the record of authorization is encrypted. 
     
     
       7. The method of  claim 1 , wherein the user information included in the record of authorization corresponds to the user information included in the record of user information appended to the blockchain. 
     
     
       8. The method of  claim 1 , further comprising:
 reading the record of authorization; and determining to store the user information based on the access expiration parameter. 
 
     
     
       9. An apparatus for controlling access to user information, the apparatus comprising:
 a network interface; 
 a memory; and 
 a processor coupled to the network interface and the memory and configured to:
 generate a record of user information that includes the user information; 
 append the record of user information to a blockchain; 
 receive a record of authorization that includes the user information, an identification of a third-party application authorized to read the record of authorization, and an access expiration parameter that places a restriction on access to the user information; and 
 append the record of authorization to the blockchain, wherein the record of authorization comprises:
 an identification portion that includes the identification of the third-party application and a hash corresponding to the user information; and 
 a message portion that includes the user information, a public key of the third-party application, and the access expiration parameter. 
 
 
 
     
     
       10. The apparatus of  claim 9 , wherein the processor generates a record of user information by being further configured to: receive one or more inputs corresponding to the user information; and assign a hash to the user information. 
     
     
       11. The apparatus of  claim 9 , wherein the processor is further configured to encrypt the record of user information prior to appending the record of user information to the blockchain. 
     
     
       12. The apparatus of  claim 9 , wherein the processor is further configured to:
 receiving a record of endorsement of the record of user information; and 
 appending the record of endorsement to the blockchain. 
 
     
     
       13. The apparatus of  claim 12 , wherein the record of endorsement confirms the veracity of the user information and includes information comprising a signature of verification, a verification expiration parameter that denotes when the verification expires, and a hash assigned to the user information. 
     
     
       14. The apparatus of  claim 9 , wherein the message portion of the record of authorization is encrypted. 
     
     
       15. The apparatus of  claim 9 , wherein the user information included in the record of authorization corresponds to the user information included in the record of user information appended to the blockchain. 
     
     
       16. A mechanism for controlling access to user information, the mechanism comprising:
 a non-volatile memory for storing one or more instructions; and a processor when executing the one or more instructions stored in the memory performs the steps of 
 generating a record of user information that includes the user information, and append the record of user information to a blockchain; and 
 receiving a record of authorization, and append the record of authorization to the blockchain, wherein the record of authorization comprises: 
 an identification portion that includes the identification of the third-party application and a hash corresponding to the user information; and 
 a message portion that includes the user information, a public key of the third-party application, and the access expiration parameter. 
 
     
     
       17. The mechanism of  claim 16 , wherein the processor is further configured to encrypt the record of user information prior to appending the record of user information to the blockchain. 
     
     
       18. The mechanism of  claim 16 , wherein the processor is further configured to receive a record of endorsement of the record of user information, and append the record of endorsement to the blockchain.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.